Documentation
¶
Index ¶
- func NetpolKey(netpol *networkingv1.NetworkPolicy) string
- func WarningsTable(warnings []Warning) string
- type Check
- type Warning
- func Lint(kubePolicies []*networkingv1.NetworkPolicy, skip *set.Set[Check]) []Warning
- func LintNetworkPolicyPorts(policy *networkingv1.NetworkPolicy, ports []networkingv1.NetworkPolicyPort) []Warning
- func LintResolvedPolicies(policies *matcher.Policy) []Warning
- func LintSourcePolicies(kubePolicies []*networkingv1.NetworkPolicy) []Warning
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NetpolKey ¶ added in v0.5.1
func NetpolKey(netpol *networkingv1.NetworkPolicy) string
func WarningsTable ¶
Types ¶
type Check ¶
type Check string
const ( // CheckSourceMissingNamespace omitting the namespace will create the policy in the default namespace CheckSourceMissingNamespace Check = "CheckSourceMissingNamespace" // CheckSourcePortMissingProtocol omitting the protocol from a NetworkPolicyPort will default to TCP CheckSourcePortMissingProtocol Check = "CheckSourcePortMissingProtocol" // CheckSourceMissingPolicyTypes omitting the types can sometimes be automatically handled; but it's better to explicitly list them CheckSourceMissingPolicyTypes Check = "CheckSourceMissingPolicyTypes" // CheckSourceMissingPolicyTypeIngress if the policy has ingress rules, then that type should be present CheckSourceMissingPolicyTypeIngress Check = "CheckSourceMissingPolicyTypeIngress" // CheckSourceMissingPolicyTypeEgress if the policy has egress rules, then that type should be present CheckSourceMissingPolicyTypeEgress Check = "CheckSourceMissingPolicyTypeEgress" // CheckSourceDuplicatePolicyName duplicate names of source network policies CheckSourceDuplicatePolicyName Check = "CheckSourceDuplicatePolicyName" CheckDNSBlockedOnTCP Check = "CheckDNSBlockedOnTCP" CheckDNSBlockedOnUDP Check = "CheckDNSBlockedOnUDP" CheckTargetAllIngressBlocked Check = "CheckTargetAllIngressBlocked" CheckTargetAllEgressBlocked Check = "CheckTargetAllEgressBlocked" CheckTargetAllIngressAllowed Check = "CheckTargetAllIngressAllowed" CheckTargetAllEgressAllowed Check = "CheckTargetAllEgressAllowed" )
type Warning ¶
type Warning interface {
OriginIsSource() bool
GetCheck() Check
GetTarget() string
GetSourcePolicies() string
}
func Lint ¶
func Lint(kubePolicies []*networkingv1.NetworkPolicy, skip *set.Set[Check]) []Warning
func LintNetworkPolicyPorts ¶
func LintNetworkPolicyPorts(policy *networkingv1.NetworkPolicy, ports []networkingv1.NetworkPolicyPort) []Warning
func LintResolvedPolicies ¶
func LintSourcePolicies ¶
func LintSourcePolicies(kubePolicies []*networkingv1.NetworkPolicy) []Warning
Source Files
Click to show internal directories.
Click to hide internal directories.